Accepting request 418790 from home:frispete:Kernel-stable

Hi Larry,

thanks for the positive response.

Sure, let your fix settle before taking the next.

Here's a small change on top, that avoids a chkstat build verification issue.

- adjust file attributes on SUID helpers to avoid chkstat issues

- remove obsolete libgsoap-devel (again)
- remove /usr/lib/udev/rules.d/60-vboxdrv.rules
  - it is overruled from vboxdrv init script anyway
  - vboxdrv generates a /etc/udev/rules.d/60-vboxdrv.rules file
    on _every_ start, note that fact in /etc/default/virtualbox
    and describe a strategy to control this behaviour
- relocate VBoxCreateUSBNode.sh to /usr/lib/virtualbox
  this is, where vboxdrv, resp. the generated 60-vboxdrv.rules
  file is expecting it

OBS-URL: https://build.opensuse.org/request/show/418790
OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=267
This commit is contained in:
OBS User mrdocs 2016-08-22 03:08:37 +00:00 committed by Git OBS Bridge
parent 7996976d6b
commit d98b0f1e64
4 changed files with 35 additions and 22 deletions

View File

@ -1,10 +0,0 @@
KERNEL=="vboxdrv", NAME="vboxdrv", OWNER="root", GROUP="vboxusers", MODE="0660"
KERNEL=="vboxdrvu", NAME="vboxdrvu", OWNER="root", GROUP="vboxusers", MODE="0660"
KERNEL=="vboxnetctl", NAME="vboxnetctl", OWNER="root",GROUP="vboxusers", MODE="0660"
#
#these lines below give access permission to vboxusers to properly work with usb nodes, but enabling them could be security risk (bnc#664520) !!
#if you can live with this security problem put these lines below in to the new file /etc/udev/rules.d/60-vboxdrv.rules so they will stay enabled also after package update
#SUBSYSTEM=="usb_device", ACTION=="add", RUN+="/usr/lib/udev/VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass} vboxusers"
#SUBSYSTEM=="usb", ACTION=="add", ENV{DEVTYPE}=="usb_device", RUN+="/usr/lib/udev/VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass} vboxusers"
#SUBSYSTEM=="usb_device", ACTION=="remove", RUN+="/usr/lib/udev/VBoxCreateUSBNode.sh --remove $major $minor"
#SUBSYSTEM=="usb", ACTION=="remove", ENV{DEVTYPE}=="usb_device", RUN+="/usr/lib/udev/VBoxCreateUSBNode.sh --remove $major $minor"

View File

@ -14,3 +14,13 @@
# #
#SHUTDOWN_USERS="foo bar" #SHUTDOWN_USERS="foo bar"
#SHUTDOWN="savestate" #SHUTDOWN="savestate"
# -------------------------------------------------------------------------------------------------
# By default, vboxdrv creates a file /etc/udev/rules.d/60-vboxdrv.rules every time, it is started,
# that allows full control of this hosts usb devices in virtual machines (given, you allow accessing
# them with the GUI).
# In order to control this ability yourself, copy the generated /etc/udev/rules.d/60-vboxdrv.rules
# file to another name and modify to your needs, e.g. comment out all lines beginning with SUBSYSTEM,
# which will make this hosts usb devices inaccessible AND enable the next line.
#INSTALL_NO_UDEV=1

View File

@ -39,6 +39,24 @@ This is a maintenance release. The following items were fixed and/or added:
"changeset_60565.diff" is removed - fixed in upstream. "changeset_60565.diff" is removed - fixed in upstream.
"vbox-kernel47-cpu_has_pge.diff" -s removed - also fixed in upstream. "vbox-kernel47-cpu_has_pge.diff" -s removed - also fixed in upstream.
-------------------------------------------------------------------
Thu Aug 11 19:38:37 UTC 2016 - hpj@urpla.net
- adjust file attributes on SUID helpers to avoid chkstat issues
-------------------------------------------------------------------
Thu Aug 11 11:48:53 UTC 2016 - hpj@urpla.net
- remove obsolete libgsoap-devel (again)
- remove /usr/lib/udev/rules.d/60-vboxdrv.rules
- it is overruled from vboxdrv init script anyway
- vboxdrv generates a /etc/udev/rules.d/60-vboxdrv.rules file
on _every_ start, note that fact in /etc/default/virtualbox
and describe a strategy to control this behaviour
- relocate VBoxCreateUSBNode.sh to /usr/lib/virtualbox
this is, where vboxdrv, resp. the generated 60-vboxdrv.rules
file is expecting it
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Aug 8 17:13:27 UTC 2016 - Larry.Finger@lwfinger.net Mon Aug 8 17:13:27 UTC 2016 - Larry.Finger@lwfinger.net

View File

@ -32,7 +32,6 @@ Url: http://www.virtualbox.org/
#%(bash %{_sourcedir}/virtualbox-patch-source.sh VirtualBox-%{version}.tar.bz2) #%(bash %{_sourcedir}/virtualbox-patch-source.sh VirtualBox-%{version}.tar.bz2)
Source0: VirtualBox-%{version}-patched.tar.bz2 Source0: VirtualBox-%{version}-patched.tar.bz2
Source1: UserManual.pdf Source1: UserManual.pdf
Source2: %{name}-60-vboxdrv.rules
Source3: %{name}-60-vboxguest.rules Source3: %{name}-60-vboxguest.rules
Source4: %{name}-default.virtualbox Source4: %{name}-default.virtualbox
Source5: %{name}-host-kmp-files Source5: %{name}-host-kmp-files
@ -108,7 +107,6 @@ BuildRequires: kbuild >= 0.1.9998svn2808
BuildRequires: kernel-syms BuildRequires: kernel-syms
BuildRequires: libcap-devel BuildRequires: libcap-devel
BuildRequires: libcurl-devel BuildRequires: libcurl-devel
BuildRequires: libgsoap-devel
BuildRequires: libidl-devel BuildRequires: libidl-devel
BuildRequires: libopenssl-devel BuildRequires: libopenssl-devel
BuildRequires: libqt5-linguist BuildRequires: libqt5-linguist
@ -546,8 +544,6 @@ install -m 644 out/linux.*/release/bin/virtualbox.desktop %{buildroot}%{_datadir
# create a menu entry # create a menu entry
install -m 644 out/linux.*/release/bin/VBox.png %{buildroot}%{_datadir}/pixmaps/virtualbox.png install -m 644 out/linux.*/release/bin/VBox.png %{buildroot}%{_datadir}/pixmaps/virtualbox.png
# install udev rule for host (virtualbox)
install -m 644 %{SOURCE2} %{buildroot}%{_udevrulesdir}/60-vboxdrv.rules
# install config with session shutdown defs # install config with session shutdown defs
install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/default/virtualbox install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/default/virtualbox
#install wrapper script #install wrapper script
@ -570,7 +566,7 @@ install -m 640 %{SOURCE13} %{buildroot}%{_var}/adm/fillup-templates/sysconfig.vb
install -d -m 755 %{buildroot}%{_sysconfdir}/vbox install -d -m 755 %{buildroot}%{_sysconfdir}/vbox
echo -e "#settings for vboxwebsrn\nVBOXWEB_USER=root" > %{buildroot}%{_sysconfdir}/vbox/vbox.cfg echo -e "#settings for vboxwebsrn\nVBOXWEB_USER=root" > %{buildroot}%{_sysconfdir}/vbox/vbox.cfg
# install udev helper script for creating usb devices # install udev helper script for creating usb devices
install -m 0755 -D src/VBox/Installer/linux/VBoxCreateUSBNode.sh %{buildroot}%{_udevrulesdir}/../VBoxCreateUSBNode.sh install -m 0755 -D src/VBox/Installer/linux/VBoxCreateUSBNode.sh %{buildroot}%{_vbox_instdir}/VBoxCreateUSBNode.sh
###################################################### ######################################################
echo "entrering python-virtualbox install section" echo "entrering python-virtualbox install section"
###################################################### ######################################################
@ -771,7 +767,6 @@ exit 0
%{_vbox_instdir}/components/*.xpt %{_vbox_instdir}/components/*.xpt
%dir %{_datadir}/virtualbox %dir %{_datadir}/virtualbox
%config %{_sysconfdir}/default/virtualbox %config %{_sysconfdir}/default/virtualbox
%{_udevrulesdir}/60-vboxdrv.rules
%config %{_sysconfdir}/init.d/vboxdrv %config %{_sysconfdir}/init.d/vboxdrv
%dir %{_sysconfdir}/vbox %dir %{_sysconfdir}/vbox
%config %{_sysconfdir}/vbox/vbox.cfg %config %{_sysconfdir}/vbox/vbox.cfg
@ -779,12 +774,12 @@ exit 0
%{_var}/adm/fillup-templates/sysconfig.vbox %{_var}/adm/fillup-templates/sysconfig.vbox
%{_sbindir}/rcvboxes %{_sbindir}/rcvboxes
%{_sbindir}/rcvboxdrv %{_sbindir}/rcvboxdrv
%{_udevrulesdir}/../VBoxCreateUSBNode.sh %{_vbox_instdir}/VBoxCreateUSBNode.sh
#%verify(not mode) %attr(4755,root,vboxusers) %{_vbox_instdir}/VBoxNetNAT #%verify(not mode) %attr(4750,root,vboxusers) %{_vbox_instdir}/VBoxNetNAT
%verify(not mode) %attr(4755,root,vboxusers) %{_vbox_instdir}/VBoxNetDHCP %verify(not mode) %attr(4750,root,vboxusers) %{_vbox_instdir}/VBoxNetDHCP
%verify(not mode) %attr(4755,root,vboxusers) %{_vbox_instdir}/VBoxNetAdpCtl %verify(not mode) %attr(4750,root,vboxusers) %{_vbox_instdir}/VBoxNetAdpCtl
%verify(not mode) %attr(4755,root,vboxusers) %{_vbox_instdir}/VBoxHeadless %verify(not mode) %attr(4750,root,vboxusers) %{_vbox_instdir}/VBoxHeadless
%verify(not mode) %attr(4755,root,vboxusers) %{_vbox_instdir}/VBoxSDL %verify(not mode) %attr(4750,root,vboxusers) %{_vbox_instdir}/VBoxSDL
%files qt %files qt
%defattr(-, root, root) %defattr(-, root, root)